Comment 11 for bug 638384
Revision history for this message
| Scott Bambrough (scottb) wrote Re: [Bug 638384] Re: hwpack-install asks for confirmation of not authenticated packages | #11 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
On Fri, 2011-03-18 at 21:01 +0000, James Westby wrote:
> Alexander suggested that we could do the following for an interim
> solution
>
> * Copy the apt trustdb in to the chroot before running hwpack-install. This assumes that if the user trusts the repo on their own machine they trust it on the image too
> * Ship PPA keys that we use a lot (overlay, kernel, PPAs) with linaro-image-tools. We could either load them in to the machines trustdb, or have a custom trustdb that we copy over as well. If the user installs via a package then we have a trust path by those means.
>
> This would eliminate the common causes, and we could tell engineers how to add extra keys to that for
> PPAs that they use often.
>
> It's easier than the signing solution in many ways, so could be a good
> interim solution, and may be good enough that we never go for signing.
>
> What do people think?
Could the PPA keys be part of the hardware pack itself?
Scott
--
Scott Bambrough <email address hidden>
Technical Director, Linaro Landing Teams